DETAILED ACTION

1. Claims 2, 5, 19, and 21 designate an 'amended' status even though the claims 
were not amended. Also, when claims are canceled, the limitations of the claims are 
not supposed to be with the claim number. For example, "22. (canceled)." There 
should be no limitations after the period. 

2. Claims 1-16, 19, 21, and 23-26 are pending in this action, claims 17, 18, 20, and
22 are canceled and claims 23-26 are newly added.

3. Applicant's arguments, filed April 23, 2005, with respect to claims 1-16, 19, 21,
and 23-26 have been considered but are moot in view of the new ground(s) of rejection. 

Claim Objections 

4. Claims 23-26 are objected to because of the following informalities: claim 23 
labels the 'read only memory' as RAM, even though it is well known in the art that RAM 
is a random access memory, which is volatile. Examiner is treating limitation 1 of claim
23 as a random access memory. Claims 24-26 depend from claim 23 and therefore
inherit its deficiencies. Appropriate correction is required. 

Rejections 

5. The text of those sections of Title 35, U.S. Code that are not included in this 
rejection can be found in a prior Office action. 

Claim Rejections - 35 USC § 103

6. Claims 1-16, 19, 21, and 23-26 are rejected under 35 U.S.C. 102(a) as being
unpatentable over Munroe et al. (U.S. Patent No. 5,280,614) in view of Colburn et al. 
(U.S. Patent No. 6,173,404). 

Regarding claims 1 and 13, Munroe et al. teaches a process/computer-readable
medium for protecting a computer from hostile code, the process comprising: 

• Identifying objects and processes within the computer (col. 6, lines 31-34); 

• Defining at least two trust groups, each of the defined trust groups being 
characterized by a trust group value (col. 5, lines 33-49 and fig. 3); and 

• Assigning objects and processes in the computer to one of said trust groups, 
irrespective of the rights of a user of said computer (col. 5, line 50 through col. 6, 
line 21). 

Munroe et al. does not teach defining at least two object types; assigning an 
object type to each of the objects; defining an action rule for each combination of 
process trust group value, object trust group value, and object type; and 
performing the action indicated by the action rule applicable to the trust group 
value of the requesting process, the trust group value of the target object, and the object 
type. 



Application/Control Number: 10/037,560 Page 4 

Art Unit: 2136 

Colburn et al. teaches defining at least two object types; assigning an object 
type to each of the objects (fig. 3 and col. 5, line 65 through col. 6, line 28); and 
defining an action rule for each combination of process trust group value, object 
trust group value, and object type (TABLE 1 and 2, col. 9, line 1 through col. 10, line 
5); and performing the action indicated by the action rule applicable to the trust 
group value of the requesting process, the trust group value of the target object, and 
the object type (col. 10, lines 6-14). 

It would have been obvious to one of ordinary skill in the art, at the time the 
invention was made, to combine defining object types, assigning object types to 
each object, defining an action rule for each combination of process trust group 
value, object trust group value, and object type; and performing the action 
indicated by the action rule based on the trust group value of the requesting process, 
the trust group value of the target object, and the object type, as taught by Colburn et 
al, with the process/medium of Munroe et al. It would have been obvious for such 
modifications because these features provide various security levels for different objects
(see col. 10, lines 6-14 of Colburn et al.). See also col. 7, lines 1-14 of Munroe et al. 

Regarding claim 2, Munroe et al. as modified by Colburn et al. teaches wherein a
process is assigned upon creation to the trust group assigned to the passive code from 
which the process is created (see col. 6, lines 43-64 of Munroe et al.). 

Regarding claim 3, Munroe et al. as modified by Colburn et al. teaches further
comprising changing the trust group of the process if the trust group value of the 
process is greater than the trust group value of the object (see col. 6, lines 34-36 of 
Munroe et al.). 

Regarding claim 4, Munroe et al. as modified by Colburn et al. teaches further
comprising changing the trust group of said object after performing said action (see 
col. 6, lines 34-36 of Munroe et al.). 

Regarding claim 5, Munroe et al. as modified by Colburn et al. teaches further
comprising, upon creation of an object by a process, assigning said created object to 
the trust group of said process (see col. 6, lines 43-64 of Munroe et al.). 

Regarding claim 6, Munroe et al. as modified by Colburn et al. teaches further
comprising defining at least two operation types and wherein said combination
includes at least one of said operation types (see col. 10, lines 44-46 of Colburn et al.).

Regarding claim 7, Munroe et al. as modified by Colburn et al. teaches wherein
said trust groups are hierarchically ordered (see col. 5, lines 33-35 of Munroe et al.),
and wherein said process further comprises allowing said access request when the
trust group of said process is higher or equal in said hierarchy than the trust group of
said object (see col. 8, lines 4-24 of Munroe et al.).

Regarding claim 8, Munroe et al. as modified by Colburn et al. teaches further
comprising assigning said process to the trust group of said object if the trust group of 
said process is higher than the trust group of said object (see col. 5, line 50 
through col. 6, line 21 and col. 6, lines 43-64 of Munroe et al.). 

Regarding claim 9, Munroe et al. as modified by Colburn et al. teaches wherein
upon a restart of said process, the trust group of said process reverts to the 
original trust group of the object from which the process was created (see col. 15, 
lines 46-58 of Colburn et al.). 

Regarding claim 10, Munroe et al. as modified by Colburn et al. teaches further
comprising: 

• Defining at least two process types (see col. 5, line 50 through col. 6, line 21 of 
Munroe et al.); 

• Assigning processes to one of said process types (see col. 5, line 50 through 
col. 6, line 21 of Munroe et al.); and 

• Wherein said combination includes at least one of said process types (see 
col. 10, lines 6-14 of Colburn et al.). 

Regarding claims 11 and 16, official notice is taken that wherein said object
types comprise passive code and executable code. By definition of passive code 
and executable code, i.e., passive code being code that is not executed yet, and 
executable code being code that is in the process of executing — typical computers have 
both running and idle programs at any given time. Therefore, there exists passive code 
and executable code as object types. 

Regarding claims 12 and 15, Munroe et al. as modified by Colburn et al. teaches
wherein said operation types comprise open, read, create, modify, and delete (see 
col. 10, lines 44-46 of Colburn et al.). 

Regarding claim 14, Munroe et al. as modified by Colburn et al. teaches further
comprising instructions causing the computer to: 

• Define a table of types of at least two types of objects, the objects in the 
computer being assigned one type (see fig. 3 and col. 5, line 65 through col. 6, 
line 28 of Colburn et al.); and 

• Wherein said plurality of rules defines said actions further based on the 
type of said object (see col. 10, lines 6-14 of Colburn et al.).

Regarding claims 19 and 21, official notice is taken that the computer is
operatively coupled to a network, the network including a server, the table of trust 
groups/rules is stored in said server because Munroe et al. mentions mainframe 
computers as a source target for his invention. Mainframe computers are connected to
clients, this making the mainframe a server. It would have been obvious to store tables
on the server because the server remains on, while individual terminals may turn off and
on periodically. The stored tables would be lost if the tables were stored on a terminal,
instead of the server. 

Regarding claim 23, Munroe et al. teaches a computer comprising:

• A random access memory (fig. 1, ref. num 110); 

• A non-volatile memory (fig. 1, ref. num 122/123); 

• A processor coupled to said RAM and said non-volatile memory (fig. 1, ref. num
100); 

• Wherein said non-volatile memory comprises: 

o A list of object trust groups, each trust group defining an object trust value 
and coupled to at least one of said rules (col. 5, lines 33-49 and fig. 3); 

o A plurality of objects, each of said objects having an object type and 
assigned to one of said trust groups (col. 6, lines 31-34); and 

• Wherein when a process is created in said RAM from an originating object of one 
of said objects, said processor assigns to said process a process trust value 
equal to the object trust value of said originating object (col. 6, lines 62-68). 



Munroe et al. does not teach a list of object types and a list of rules, each 
rule defining an action based on an object type. 

Colburn et al. teaches a list of object types (fig. 3 and col. 5, line 65 through
col. 6, line 28) and a list of rules, each rule defining an action based on an object 
type (TABLE 1 and 2, col. 9, line 1 through col. 10, line 5). 

It would have been obvious to one of ordinary skill in the art, at the time the 
invention was made, to combine a list of object types and a list of rules, each rule 
defining an action based on an object type, as taught by Colburn et al., with the
computer of Munroe et al. It would have been obvious for such modifications because
these features provide various security levels for different objects (see col. 10, lines 6-14
of Colburn et al.). See also col. 7, lines 1-14 of Munroe et al. 

Regarding claim 24, Munroe et al. as modified by Colburn et al. teaches further
comprising a controller receiving operation requests from said process to be performed 
on a target object of one of said objects and, upon receiving said requests said 
controller access said list of object trust groups, list of rules, and list of object type to 
determine whether to allow the operation (see TABLE 1 and 2, col. 9, line 1 through col. 
10, line 5 of Colburn et al.). 

Regarding claim 25, Munroe et al. as modified by Colburn et al. teaches wherein
when the process trust value is not lower than the target object trust value, said 
controller allows said operation request (see fig. 5, ref. num 504 of Munroe et al.). 

Regarding claim 26, Munroe et al. as modified by Colburn et al. teaches wherein
the controller allows the operation request but the process trust value is lower than the
target object trust value, said processor resets the process trust value equal to that of
the target object trust value (see col. 8, lines 5-15 of Colburn et al., dynamic inheritance
allows objects to be changed dynamically).

Conclusion 

7. Applicant's amendment necessitated the new ground(s) of rejection presented in 
this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP 
§ 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 
CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not
mailed until after the end of the THREE-MONTH shortened statutory period, then the
shortened statutory period will expire on the date the advisory action is mailed, and any
extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of
the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the date of this final action. 




Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Brandon S. Hoffman whose telephone number is
571-272-3863. The examiner can normally be reached on M-F 8:30 - 5:00.

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ayaz R. Sheikh can be reached on 571-272-3795. The fax phone number 
for the organization where this application or proceeding is assigned is 703-872-9306. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). 